Skip to content

extsvc: unify OAuth and username/password authentication methods in outbound requests

Administrator requested to merge aharvey/unify-auth into main

Created by: LawnGnome

Right now, all the external service client implementations have their own versions of adding authentication headers to outbound requests. In practice, there's a lot of commonality between the methods: an OAuth bearer token is always going to look the same, but we have repeated req.Header.Set("Authorization", "Bearer ...") calls.

Unifying these makes it easier for campaigns to add support for generic user tokens: rather than having to implement code host specific switches in the campaigns and repo-updater packges, we can instead implement these once in internal/extsvc and use the generic types in the relevant campaigns tables, which is a significant win.

I've elected to only update github, gitlab, and bitbucketserver, mostly because (a) that's what we need for campaigns, and (b) there are diminishing returns after that, since the other service types only support one method of authentication, and that method isn't always standard.

Implementation wise, there isn't much of note here. OAuthBearerToken probably looks a touch overengineered having a struct with a field right now instead of just being a type alias for string, but this pays off in the next PR.

This is part of #14989.

Merge request reports

Loading